我看到该文件夹具有管理员的组所有权.
我将此项目和所有子项目的所有权更改为用户管理员.我验证了所有子项目确实现在拥有管理员的所有权.
但后来我尝试在该文件夹中创建一个新的txt文件,当我去看看它的所有权是什么时,它就是管理员.我希望新的所有权从它的父项继承所有权,或者从我登录的用户管理员那里获取.
https://support.microsoft.com/en-us/kb/947721
A Group Policy setting is not available in the security policy settings list on a computer that is running Windows Server 2008
SYMPTOMS
When you try to access the “System objects: Default owner for objects created by members of the Administrators group” Group Policy setting on a computer that is running Windows Vista or newer,this setting is not available in the security policy settings list.
When the setting is present in your security group policy,it will be ignored by Windows Vista and newer domain members.CAUSE
Windows Vista,Windows 7,Windows Server 2008 and Windows Server 2008 R2 do not support this setting any longer. When enabled,User Account Control (UAC) will ensure the user account is being used as owner for all objects created locally. For remote access,the administrators group will be used there is no restricted token for network sessions.
Since the support for the setting was removed,the system security policy “System objects: Default owner for objects created by members of the Administrators group” setting is not available in the Security Templates user interface anymore.
在组策略中查看设置“系统对象:管理员组成员创建的对象的默认所有者”.它位于:
>计算机配置
> Windows设置
>安全设置
>地方政策
>安全选项
启用此设置后,“管理员”组的成员将拥有与所有者“管理员”设置的对象.
说实话,我不会立即确定微软的这种行为的理由,除了说它允许一个共同的能力重置对象的权限,而不是由所有“管理员”拥有所有权.我猜这是意图.我有兴趣看看是否有人链接到Microsoft的此设置的明确目的声明.
我注意到这个设置的默认设置在Windows XP和Windows Server 2003之间有所不同(这是微软在http://support.microsoft.com/kb/318825上发表的一篇文章),但我仍然没有看到为什么你希望设置方式与另一方面相反的目的陈述.